IBM Support

Apache Batik update for CVE-2015-0250

Download


Abstract

This is an update for IBM Rational Application Developer for WebSphere Software to address a vulnerability in Apache Batik used by a variety of tools within the product.

Download Description

Table of Contents
Sections Description

The How critical is this fix section provides information related to the impact of this release to allow you to assess how your environment may be affected.

The Prerequisites section provides important information to review prior to the installation of this release.

The Installation instructions section provides the installation instructions necessary to apply this release into your environment.

The Download package section provides the direct link to obtain the download package for installation in your environment.

Prerequisites

Prerequisites include:

One of the following IBM Rational Application Developer for WebSphere Software versions must be installed:

The update for the 8.0 and 8.5 releases will need approximately 500KB of free disk space to install the interim fix.

To download and extract the compressed installation files, an additional 600KB of disk space is required.

The update for the 9.0 and 9.1 releases will need approximately 5MB of free disk space to install the interim fix.

To download and extract the compressed installation files, an additional 6MB of disk space is required.

Back to top

Installation Instructions

Instructions to download and install the update from the compressed files

  1. Download the update files from Fix Central by following the link listed in the download table below

  2. Extract the compressed files in an appropriate directory. For example, choose to extract to C:\temp\update

  3. Copy the contents of the <extraction location>/features/ directory to <product install directory>/features/

  4. Copy the contents of the <extraction location>/plugins/ directory to <product install directory>/plugins/

Back to top

Download Package

Click the FC link below to download the updates from Fix Central.

For IBM Rational Application Developer for WebSphere Software Versions 8.0.x

  1. On the Select Fixes page, select interim fix: Rational-RAD80-CVE-2015-0250-ifix (Fix for the CVE-2015-0250 vulnerability in the Apache Batik functionality)

For IBM Rational Application Developer for WebSphere Software Versions 8.5.x

  1. On the Select Fixes page, select interim fix: Rational-RAD85-CVE-2015-0250-ifix (Fix for the CVE-2015-0250 vulnerability in the Apache Batik functionality)

For IBM Rational Application Developer for WebSphere Software Versions 9.0.x

  1. On the Select Fixes page, select interim fix: Rational-RAD90-CVE-2015-0250-ifix (Fix for the CVE-2015-0250 vulnerability in the Apache Batik functionality)

For IBM Rational Application Developer for WebSphere Software Versions 9.1.x

  1. On the Select Fixes page, select interim fix: Rational-RAD91-CVE-2015-0250-ifix (Fix for the CVE-2015-0250 vulnerability in the Apache Batik functionality)

Back to top

How critical is this fix?

Impact Assessment
Impact Description

Corrective

This download provides an update for tools packaged with IBM Rational Application Developer for WebSphere Software to address the vulnerability outlined in the following security bulletin:

Security Bulletin: Security Vulnerability in Apache Batik

Back to top

Click the link in the Download Options column:

On
[{"DNLabel":"Rational-RAD80-CVE-2015-0250-ifix","DNDate":"11 Aug 2015","DNLang":"English","DNSize":"1","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7ERational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=8.0.0&platform=All&function=fixId&fixids=Rational-RAD80-CVE-2015-0250-ifix&includeSupersedes","DNURL_FTP":" ","DDURL":null},{"DNLabel":"Rational-RAD85-CVE-2015-0250-ifix","DNDate":"11 Aug 2015","DNLang":"English","DNSize":"1","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=8.5.0&platform=All&function=fixId&fixids=Rational-RAD85-CVE-2015-0250-ifix&includeSuperse","DNURL_FTP":" ","DDURL":null},{"DNLabel":"Rational-RAD90-CVE-2015-0250-ifix","DNDate":"11 Aug 2015","DNLang":"English","DNSize":"1","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=9.0.0&platform=All&function=fixId&fixids=Rational-RAD90-CVE-2015-0250-ifix&includeSuperse","DNURL_FTP":" ","DDURL":null},{"DNLabel":"Rational-RAD91-CVE-2015-0250-ifix","DNDate":"11 Aug 2015","DNLang":"English","DNSize":"1","DNPlat":{"label":"Windows","code":"PF033"},"DNURL":"http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Rational&product=ibm/Rational/IBM+Rational+Application+Developer+for+WebSphere+Software&release=9.1.0&platform=All&function=fixId&fixids=Rational-RAD91-CVE-2015-0250-ifix&includeSuperse","DNURL_FTP":" ","DDURL":null}]
[{"Product":{"code":"SSRTLW","label":"Rational Application Developer for WebSphere Software"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF022","label":"OS X"},{"code":"PF033","label":"Windows"}],"Version":"8.0;8.0.1;8.0.2;8.0.3;8.0.4;8.0.4.1;8.0.4.2;8.0.4.3;8.5;8.5.1;8.5.5;8.5.5.1;8.5.5.2;9.0;9.0.1;9.0.1.1;9.1;9.1.0.1;9.1.1;9.0.1.2","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
04 February 2020

UID

swg24040417

Page Feedback